IAPP CIPP / US Certified Information Privacy Professional Study Guide - Mike Chapple, Joe Shelley

IAPP CIPP / US Certified Information Privacy Professional Study Guide

Buch | Softcover
352 Seiten
2024 | 2nd edition
John Wiley & Sons Inc (Verlag)
978-1-394-28490-0 (ISBN)
52,95 inkl. MwSt
Prepare for success on the IAPP CIPP/US exam and further your career in privacy with this effective study guide - now includes a downloadable supplement to get you up to date on the current CIPP exam for 2024-2025!

Information privacy has become a critical and central concern for small and large businesses across the United States. At the same time, the demand for talented professionals able to navigate the increasingly complex web of legislation and regulation regarding privacy continues to increase.

Written from the ground up to prepare you for the United States version of the Certified Information Privacy Professional (CIPP) exam, Sybex's IAPP CIPP/US Certified Information Privacy Professional Study Guide also readies you for success in the rapidly growing privacy field.

You'll efficiently and effectively prepare for the exam with online practice tests and flashcards as well as a digital glossary. The concise and easy-to-follow instruction contained in the IAPP/CIPP Study Guide covers every aspect of the CIPP/US exam, including the legal environment, regulatory enforcement, information management, private sector data collection, law enforcement and national security, workplace privacy and state privacy law, and international privacy regulation.



Provides the information you need to gain a unique and sought-after certification that allows you to fully understand the privacy framework in the US
Fully updated to prepare you to advise organizations on the current legal limits of public and private sector data collection and use
Includes 1 year free access to the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms, all supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions

Perfect for anyone considering a career in privacy or preparing to tackle the challenging IAPP CIPP exam as the next step to advance an existing privacy role, the IAPP CIPP/US Certified Information Privacy Professional Study Guide offers you an invaluable head start for success on the exam and in your career as an in-demand privacy professional.

Contents

Introduction xix

Assessment Test xxix

Chapter 1 Privacy in the Modern Era 1

Introduction to Privacy 2

What Is Privacy? 3

What Is Personal Information? 4

What Isn’t Personal Information? 5

Why Should We Care About Privacy? 7

Generally Accepted Privacy Principles 8

Management 9

Notice 9

Choice and Consent 10

Collection 10

Use, Retention, and Disposal 11

Access 11

Disclosure to Third Parties 12

Security for Privacy 12

Quality 14

Monitoring and Enforcement 14

Developing a Privacy Program 15

Crafting Strategy, Goals, and Objectives 15

Appointing a Privacy Official 16

Privacy Roles 17

Building Inventories 18

Conducting a Privacy Assessment 18

Implementing Privacy Controls 20

Ongoing Operation and Monitoring 20

Online Privacy 20

Privacy Notices 21

Privacy and Cybersecurity 21

Cybersecurity Goals 22

Relationship Between Privacy and Cybersecurity 23

Privacy by Design 24

Summary 25

Exam Essentials 25

Review Questions 27

Chapter 2 Legal Environment 31

Branches of Government 32

Legislative Branch 32

Executive Branch 33

Judicial Branch 34

Understanding Laws 36

Sources of Law 36

Analyzing a Law 41

Legal Concepts 43

Legal Liability 44

Torts and Negligence 45

Summary 46

Exam Essentials 46

Review Questions 48

Chapter 3 Regulatory Enforcement 53

Federal Regulatory Authorities 54

Federal Trade Commission 54

Federal Communications Commission 60

Department of Commerce 61

Department of Health and Human Services 61

Banking Regulators 62

Department of Education 63

State Regulatory Authorities 63

Self-Regulatory Programs 64

Payment Card Industry 65

Advertising 65

Trust Marks 66

Safe Harbors 66

Summary 67

Exam Essentials 68

Review Questions 69

Chapter 4 Information Management 73

Data Governance 74

Building a Data Inventory 74

Data Classification 75

Data Flow Mapping 77

Data Lifecycle Management 78

Workforce Training 79

Cybersecurity Threats 80

Threat Actors 81

Incident Response 86

Phases of Incident Response 86

Preparation 87

Detection and Analysis 88

Containment, Eradication, and Recovery 88

Post-incident Activity 88

Building an Incident Response Plan 90

Data Breach Notification 92

Vendor Management 93

Summary 94

Exam Essentials 95

Review Questions 97

Chapter 5 Private Sector Data Collection 101

FTC Privacy Protection 103

General FTC Privacy Protection 103

The Children’s Online Privacy Protection Act (COPPA) 104

Future of Federal Enforcement 107

Medical Privacy 110

The Health Insurance Portability and Accountability

Act (HIPAA) 111

The Health Information Technology for Economic and

Clinical Health Act 119

The 21st Century Cures Act 120

Confidentiality of Substance Use Disorder Patient

Records Rule 121

Financial Privacy 122

Privacy in Credit Reporting 122

Gramm–Leach–Bliley Act (GLBA) 125

Red Flags Rule 129

Consumer Financial Protection Bureau 130

Educational Privacy 131

Family Educational Rights and Privacy Act (FERPA) 131

Telecommunications and Marketing Privacy 132

Telephone Consumer Protection Act (TCPA) and

Telemarketing Sales Rule (TSR) 133

The Junk Fax Prevention Act (JFPA) 136

Controlling the Assault of Non-solicited Pornography

and Marketing (CAN-SPAM) Act 136

Telecommunications Act and Customer Proprietary

Network Information 138

Cable Communications Policy Act 139

Video Privacy Protection Act (VPPA) of 1988 140

Driver’s Privacy Protection Act (DPPA) 141

Digital Advertising and Data Ethics 142

Web Scraping 143

Summary 143

Exam Essentials 144

Review Questions 146

Chapter 6 Government and Court Access to Private Sector

Information 151

Law Enforcement and Privacy 152

Access to Financial Data 153

Access to Communications 157

National Security and Privacy 162

Foreign Intelligence Surveillance Act (FISA) of 1978 162

FISA Amendments Act Section 702 164

USA-PATRIOT Act 165

The USA Freedom Act of 2015 167

The Cybersecurity Information Sharing Act of 2015 168

Civil Litigation and Privacy 169

Compelled Disclosure of Media Information 170

Electronic Discovery 171

Summary 173

Exam Essentials 173

Review Questions 175

Chapter 7 Workplace Privacy 179

Introduction to Workplace Privacy 180

Workplace Privacy Concepts 180

U.S. Agencies Regulating Workplace Privacy Issues 181

U.S. Antidiscrimination Laws 182

Privacy Before, During, and After Employment 185

Automated Employment Decision Tools 186

Employee Background Screening 186

Employee Monitoring 190

Investigation of Employee Misconduct 194

Termination of the Employment Relationship 196

Summary 197

Exam Essentials 198

Review Questions 200

Chapter 8 State Privacy Laws 205

Federal vs. State Authority 206

Elements of State Privacy Laws 207

Applicability 207

Data Subject Rights 208

Privacy Notice Requirements 209

Data Protection 209

Enforcement 211

Data Breach Notification 212

Elements of State Data Breach Notification Laws 212

Key Differences Among States 214

Significant Developments 215

Other Recent Updates to State Breach Notification Laws 218

Comprehensive State Privacy Laws 220

California Consumer Privacy Act (2018) and

California Privacy Rights Act (2020) 220

Virginia Consumer Data Protection Act 223

Colorado Privacy Act 226

Connecticut Data Privacy Act 229

Utah 231

Florida 232

Oregon 234

Texas 237

Montana 239

Subject-Specific State Privacy Laws 241

Health and Genetic Information 241

Online Privacy 243

Biometric Information Privacy Regulations 247

AI and Automated Decision-Making 249

Data Brokers 250

Financial Privacy 251

California Financial Information Privacy Act 252

Recent Developments 253

Marketing Laws 254

Summary 255

Exam Essentials 256

Review Questions 258

Chapter 9 International Privacy Regulation 263

International Data Transfers 264

European Union General Data Protection Regulation 265

Adequacy Decisions 268

Binding Corporate Rules 272

Standard Contractual Clauses 273

Other Approved Transfer Mechanisms 273

APEC Privacy Framework 274

Cross-Border Enforcement Issues 276

Global Privacy Enforcement Network 276

Resolving Multinational Compliance Conflicts 276

Summary 277

Exam Essentials 277

Review Questions 279

Appendix Answers to Review Questions 283

Chapter 1: Privacy in the Modern Era 284

Chapter 2: Legal Environment 285

Chapter 3: Regulatory Enforcement 287

Chapter 4: Information Management 289

Chapter 5: Private Sector Data Collection 291

Chapter 6: Government and Court Access to Private Sector

Information 293

Chapter 7: Workplace Privacy 294

Chapter 8: State Privacy Laws 296

Chapter 9: International Privacy Regulation 298

Index 301

Erscheint lt. Verlag 25.2.2025
Reihe/Serie Sybex Study Guide
Verlagsort New York
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern EU / Internationales Recht
Recht / Steuern Öffentliches Recht Verfassungsrecht
Technik Elektrotechnik / Energietechnik
ISBN-10 1-394-28490-X / 139428490X
ISBN-13 978-1-394-28490-0 / 9781394284900
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00